What permissions are needed for sending messages via FCM? Unicorn Meta Zoo #1: Why another...
What is "leading note" and what does it mean to "raise a note"?
Why didn't the Space Shuttle bounce back into space as many times as possible so as to lose a lot of kinetic energy up there?
As an international instructor, should I openly talk about my accent?
Can you stand up from being prone using Skirmisher outside of your turn?
Putting Ant-Man on house arrest
Will I lose my paid in full property
Protagonist's race is hidden - should I reveal it?
Where did Arya get these scars?
Align column where each cell has two decimals with siunitx
Do I need to protect SFP ports and optics from dust/contaminants? If so, how?
Passing args from the bash script to the function in the script
std::is_constructible on incomplete types
Mistake in years of experience in resume?
What do you call the part of a novel that is not dialog?
Multiple options vs single option UI
What's parked in Mil Moscow helicopter plant?
Arriving in Atlanta after US Preclearance in Dublin. Will I go through TSA security in Atlanta to transfer to a connecting flight?
All ASCII characters with a given bit count
Book with legacy programming code on a space ship that the main character hacks to escape
Justification for leaving new position after a short time
How to keep bees out of canned beverages?
Why did Israel vote against lifting the American embargo on Cuba?
Co-worker works way more than he should
What is /etc/mtab in Linux?
What permissions are needed for sending messages via FCM?
Unicorn Meta Zoo #1: Why another podcast?
Announcing the arrival of Valued Associate #679: Cesar Manara
Come Celebrate our 10 Year Anniversary!What are fast and safe options to setup a VPN between the office and GCP?Why are Google Cloud Compute Engine WAN speeds less than what Google has documented?What are the correct Google Compute Engine scopes for Stackdriver Trace and Cloud PubSub?Google Cloud Platform Shared VPC page - insufficient permissionsNo permissions for my own project?getSignedUrl giving “SigningError: Failure from metadata server”Permissions for creating OAuth credentials in Google CloudGCloud compute engine - Permissions issue for the ownerCan I set a user password via metadata for a broken GCP VM?Unable to access organisations's IAM and audit logs pages in Google Cloud
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}
I'm trying to setup a service account for FCM using Terraform. I created a custom role based on permissions in the Firebase IAM Permissions reference. I can't get it to work.
Here's my custom role (including auth permissions):
resource "google_project_iam_custom_role" "firebase_access" {
project = "${data.google_project.firebase_project.id}"
# https://firebase.google.com/docs/projects/iam/permissions
permissions = [
# Auth
"firebaseauth.configs.get",
"firebaseauth.configs.update",
"firebaseauth.configs.create",
"firebaseauth.users.create",
"firebaseauth.users.createSession",
"firebaseauth.users.delete",
"firebaseauth.users.get",
"firebaseauth.users.sendEmail",
"firebaseauth.users.update",
# Cloud Messaging
"firebasenotifications.messages.create",
"firebasenotifications.messages.delete",
"firebasenotifications.messages.get",
"firebasenotifications.messages.list",
"firebasenotifications.messages.update",
# Firebase required
"firebaseanalytics.resources.googleAnalyticsReadAndAnalyze",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
# "resourcemanager.projects.list", Not required
"servicemanagement.projectSettings.get",
"serviceusage.apiKeys.get",
"serviceusage.apiKeys.getProjectForKey",
"serviceusage.apiKeys.list",
"serviceusage.operations.get",
"serviceusage.operations.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
]
role_id = "[redacted]" # Can't have hyphens
title = "Firebase [redacted] Role"
description = "Provides the minimum permissions necessary for the [redacted] API to use Firebase"
}
I receive the below error:
Error: An error occurred when trying to authenticate to the FCM
servers. Make sure the credential used to authenticate this SDK has
the proper permissions. See
https://firebase.google.com/docs/admin/setup for setup instructions.
This is absolutely miserable. The error message isn't helpful at all. Checking a service account created via Firebase, I see there's an additional role, Firebase Admin SDK Administrator Service Agent. The role doesn't show up anywhere in documentation. I had to check out the HTTP request when adding the role to figure out its real name (roles/firebase.sdkAdminServiceAgent). Initially, I thought adding this role fixed my issue, but that was wrong. I had also added the Editor role, and GCP's IAM takes some time to update (-_-).
For now, I'm just going to add the Editor role, but I'd much prefer to constrain permissions as much as I possibly can.
What are the minimum permissions needed to sending FCM messages? The documentation is not helpful, as far as I can tell.
google-cloud-platform firebase asked Feb 25 at 5:32
TheBeegeTheBeege
106
add a comment |
I'm trying to setup a service account for FCM using Terraform. I created a custom role based on permissions in the Firebase IAM Permissions reference. I can't get it to work.
Here's my custom role (including auth permissions):
resource "google_project_iam_custom_role" "firebase_access" {
project = "${data.google_project.firebase_project.id}"
# https://firebase.google.com/docs/projects/iam/permissions
permissions = [
# Auth
"firebaseauth.configs.get",
"firebaseauth.configs.update",
"firebaseauth.configs.create",
"firebaseauth.users.create",
"firebaseauth.users.createSession",
"firebaseauth.users.delete",
"firebaseauth.users.get",
"firebaseauth.users.sendEmail",
"firebaseauth.users.update",
# Cloud Messaging
"firebasenotifications.messages.create",
"firebasenotifications.messages.delete",
"firebasenotifications.messages.get",
"firebasenotifications.messages.list",
"firebasenotifications.messages.update",
# Firebase required
"firebaseanalytics.resources.googleAnalyticsReadAndAnalyze",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
# "resourcemanager.projects.list", Not required
"servicemanagement.projectSettings.get",
"serviceusage.apiKeys.get",
"serviceusage.apiKeys.getProjectForKey",
"serviceusage.apiKeys.list",
"serviceusage.operations.get",
"serviceusage.operations.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
]
role_id = "[redacted]" # Can't have hyphens
title = "Firebase [redacted] Role"
description = "Provides the minimum permissions necessary for the [redacted] API to use Firebase"
}
I receive the below error:
Error: An error occurred when trying to authenticate to the FCM
servers. Make sure the credential used to authenticate this SDK has
the proper permissions. See
https://firebase.google.com/docs/admin/setup for setup instructions.
This is absolutely miserable. The error message isn't helpful at all. Checking a service account created via Firebase, I see there's an additional role, Firebase Admin SDK Administrator Service Agent. The role doesn't show up anywhere in documentation. I had to check out the HTTP request when adding the role to figure out its real name (roles/firebase.sdkAdminServiceAgent). Initially, I thought adding this role fixed my issue, but that was wrong. I had also added the Editor role, and GCP's IAM takes some time to update (-_-).
For now, I'm just going to add the Editor role, but I'd much prefer to constrain permissions as much as I possibly can.
What are the minimum permissions needed to sending FCM messages? The documentation is not helpful, as far as I can tell.
google-cloud-platform firebase asked Feb 25 at 5:32
TheBeegeTheBeege
106
add a comment |
I'm trying to setup a service account for FCM using Terraform. I created a custom role based on permissions in the Firebase IAM Permissions reference. I can't get it to work.
Here's my custom role (including auth permissions):
resource "google_project_iam_custom_role" "firebase_access" {
project = "${data.google_project.firebase_project.id}"
# https://firebase.google.com/docs/projects/iam/permissions
permissions = [
# Auth
"firebaseauth.configs.get",
"firebaseauth.configs.update",
"firebaseauth.configs.create",
"firebaseauth.users.create",
"firebaseauth.users.createSession",
"firebaseauth.users.delete",
"firebaseauth.users.get",
"firebaseauth.users.sendEmail",
"firebaseauth.users.update",
# Cloud Messaging
"firebasenotifications.messages.create",
"firebasenotifications.messages.delete",
"firebasenotifications.messages.get",
"firebasenotifications.messages.list",
"firebasenotifications.messages.update",
# Firebase required
"firebaseanalytics.resources.googleAnalyticsReadAndAnalyze",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
# "resourcemanager.projects.list", Not required
"servicemanagement.projectSettings.get",
"serviceusage.apiKeys.get",
"serviceusage.apiKeys.getProjectForKey",
"serviceusage.apiKeys.list",
"serviceusage.operations.get",
"serviceusage.operations.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
]
role_id = "[redacted]" # Can't have hyphens
title = "Firebase [redacted] Role"
description = "Provides the minimum permissions necessary for the [redacted] API to use Firebase"
}
I receive the below error:
Error: An error occurred when trying to authenticate to the FCM
servers. Make sure the credential used to authenticate this SDK has
the proper permissions. See
https://firebase.google.com/docs/admin/setup for setup instructions.
This is absolutely miserable. The error message isn't helpful at all. Checking a service account created via Firebase, I see there's an additional role, Firebase Admin SDK Administrator Service Agent. The role doesn't show up anywhere in documentation. I had to check out the HTTP request when adding the role to figure out its real name (roles/firebase.sdkAdminServiceAgent). Initially, I thought adding this role fixed my issue, but that was wrong. I had also added the Editor role, and GCP's IAM takes some time to update (-_-).
For now, I'm just going to add the Editor role, but I'd much prefer to constrain permissions as much as I possibly can.
What are the minimum permissions needed to sending FCM messages? The documentation is not helpful, as far as I can tell.
google-cloud-platform firebase asked Feb 25 at 5:32
TheBeegeTheBeege
106
I'm trying to setup a service account for FCM using Terraform. I created a custom role based on permissions in the Firebase IAM Permissions reference. I can't get it to work.
Here's my custom role (including auth permissions):
resource "google_project_iam_custom_role" "firebase_access" {
project = "${data.google_project.firebase_project.id}"
# https://firebase.google.com/docs/projects/iam/permissions
permissions = [
# Auth
"firebaseauth.configs.get",
"firebaseauth.configs.update",
"firebaseauth.configs.create",
"firebaseauth.users.create",
"firebaseauth.users.createSession",
"firebaseauth.users.delete",
"firebaseauth.users.get",
"firebaseauth.users.sendEmail",
"firebaseauth.users.update",
# Cloud Messaging
"firebasenotifications.messages.create",
"firebasenotifications.messages.delete",
"firebasenotifications.messages.get",
"firebasenotifications.messages.list",
"firebasenotifications.messages.update",
# Firebase required
"firebaseanalytics.resources.googleAnalyticsReadAndAnalyze",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
# "resourcemanager.projects.list", Not required
"servicemanagement.projectSettings.get",
"serviceusage.apiKeys.get",
"serviceusage.apiKeys.getProjectForKey",
"serviceusage.apiKeys.list",
"serviceusage.operations.get",
"serviceusage.operations.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
]
role_id = "[redacted]" # Can't have hyphens
title = "Firebase [redacted] Role"
description = "Provides the minimum permissions necessary for the [redacted] API to use Firebase"
}
I receive the below error:
Error: An error occurred when trying to authenticate to the FCM
servers. Make sure the credential used to authenticate this SDK has
the proper permissions. See
https://firebase.google.com/docs/admin/setup for setup instructions.
This is absolutely miserable. The error message isn't helpful at all. Checking a service account created via Firebase, I see there's an additional role, Firebase Admin SDK Administrator Service Agent. The role doesn't show up anywhere in documentation. I had to check out the HTTP request when adding the role to figure out its real name (roles/firebase.sdkAdminServiceAgent). Initially, I thought adding this role fixed my issue, but that was wrong. I had also added the Editor role, and GCP's IAM takes some time to update (-_-).
For now, I'm just going to add the Editor role, but I'd much prefer to constrain permissions as much as I possibly can.
What are the minimum permissions needed to sending FCM messages? The documentation is not helpful, as far as I can tell.
google-cloud-platform firebase google-cloud-platform firebase asked Feb 25 at 5:32
TheBeegeTheBeege
106
asked Feb 25 at 5:32
TheBeegeTheBeege
106
asked Feb 25 at 5:32
TheBeegeTheBeege
106
asked Feb 25 at 5:32
TheBeegeTheBeege
106
asked Feb 25 at 5:32
TheBeegeTheBeege
106
106
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
i'm having trouble with the same thing. Did you got to any other solution rather than adding the editor role? Because the editor role walks over firebase rules, so I can't use it.
answered 13 mins ago
Uriel Lucas BertoliniUriel Lucas Bertolini
1
New contributor
Uriel Lucas Bertolini is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f955574%2fwhat-permissions-are-needed-for-sending-messages-via-fcm%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
i'm having trouble with the same thing. Did you got to any other solution rather than adding the editor role? Because the editor role walks over firebase rules, so I can't use it.
answered 13 mins ago
Uriel Lucas BertoliniUriel Lucas Bertolini
1
New contributor
Uriel Lucas Bertolini is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
i'm having trouble with the same thing. Did you got to any other solution rather than adding the editor role? Because the editor role walks over firebase rules, so I can't use it.
answered 13 mins ago
Uriel Lucas BertoliniUriel Lucas Bertolini
1
New contributor
Uriel Lucas Bertolini is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
i'm having trouble with the same thing. Did you got to any other solution rather than adding the editor role? Because the editor role walks over firebase rules, so I can't use it.
answered 13 mins ago
Uriel Lucas BertoliniUriel Lucas Bertolini
1
New contributor
Uriel Lucas Bertolini is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
i'm having trouble with the same thing. Did you got to any other solution rather than adding the editor role? Because the editor role walks over firebase rules, so I can't use it.
answered 13 mins ago
Uriel Lucas BertoliniUriel Lucas Bertolini
1
New contributor
Uriel Lucas Bertolini is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 13 mins ago
Uriel Lucas BertoliniUriel Lucas Bertolini
1
New contributor
Uriel Lucas Bertolini is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 13 mins ago
Uriel Lucas BertoliniUriel Lucas Bertolini
1
answered 13 mins ago
Uriel Lucas BertoliniUriel Lucas Bertolini
1
1
New contributor
Uriel Lucas Bertolini is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Uriel Lucas Bertolini is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Uriel Lucas Bertolini is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f955574%2fwhat-permissions-are-needed-for-sending-messages-via-fcm%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
